NSA begins crypto upgrade

15-year plan to fund new encoding technology

Editor’s note: On Sept. 10, 2001, Federal Computer Week wrote about the National Security Agency beginning a 15-year Crypto Modernization Program. The amount budgeted for the program was classified information, but it was multiple millions in the first year and expected to be greater than that in subsequent years.

The National Security Agency is beginning a 15-year, multibillion-dollar effort to modernize the nation’s cryptographic systems, which are rapidly growing obsolete and vulnerable. Cryptographic systems encode messages and include such tools as secure telephones, tactical radios and smart cards. Virtually every federal department and agency — including the military, the White House, intelligence agencies and the State Department — use encryption. But existing encryption algorithms are no longer cutting-edge, and hardware for many systems is becoming obsolete. Replacing them is a top goal for NSA’s information assurance directorate, said Michael Jacobs, who heads the directorate.

“When it comes to protecting our information, the first line of defense is NSA-provided cryptography,” said Vice Adm. Richard Mayo, Navy director of space, information warfare, command and control, speaking before the House Armed Services Committee in May. Mayo said the Navy, joint forces and allied militaries have more than “400,000 such cryptographic products of varying type in our in inventory for voice, video and data.”

“A lot of that [hardware] technology is at or [is] getting to the point where you cannot obtain replacement parts, so it’s becoming a maintenance problem,” Jacobs said. He noted that the security features in the cryptographic systems — “specifically the underlying cryptographic algorithms” — are nearing the end of their life expectancy.

The agency recently published a cryptography plan and shared its vision with 70 potential vendors this summer. NSA will fund early development of new technologies under the Crypto Modernization Program, and the various departments and agencies will acquire the systems once they have been developed.

“Information system security is the name of the game, and if NSA cannot guarantee that security, it is a serious problem,” said Steven Aftergood, intelligence policy analyst for the Federation of American Scientists. “It’s a problem for everyone who depends on secure communications, and that’s almost everyone in government.”

NSA’s budget is classified, but Jacobs said the agency has budgeted “multiple millions” of dollars just to update its cryptographic systems in 2002 and is seeking to increase funding in its 2003 to 2008 budget plan.

“We’re at the front end of this process, which in terms of dollar value is a lot smaller than the middle and back end, where acquisition starts,” Jacobs said.

Agency officials must decide which families of equipment they initially want to modify or replace; the first modernized products will likely be delivered in 2004.

Featured

  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.